<?php
/*
 * This library is free software; you can redistribute it and/or modify it 
 * under the terms of the BSD License.
 *
 * This library is distributed in the hope that it will be useful, but 
 * WITHOUT ANY WARRANTY; without even the implied warranty of 
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
 */

/**
 * An Order is a class that embodiesa physical snail mail address.
 * 
 * @package GoogleCheckout
 * @author Byrne Reese <byrne@majordojo.com>
 * @copyright 2006-2008, Byrne Reese.
 */

/**
 * @ignore
 */
require_once("Address.php");

/**
 * @todo - Ok, so the design of this is imperfect right now from an OOP 
 * standpoint. There should be no SQL here. There should be a basic base class
 * and perhaps a MySQL Order class of some kind. But for now, this is fine.
 * @package GoogleCheckout
 */
class Order {

  public $orderNumber;
  public $orderTotal;
  public $fulfillmentState;
  public $financialState;
  public $buyerId;
  public $shippingAddress;
  public $billingAddress;
  public $shippingContactName;
  public $createdDate;
  
  private static $BASE_SQL = "SELECT order_number,order_total,fulfillment_state,financial_state,buyer_id,shipping_contact_name,shipping_email,shipping_phone,shipping_fax,shipping_address1,shipping_address2,shipping_city,shipping_region,shipping_zip,shipping_country,billing_contact_name,billing_email,billing_phone,billing_fax,billing_address1,billing_address2,billing_city,billing_region,billing_zip,billing_country,created_date FROM orders ";

  public static function findByOrderId($id) {
    $o = new Order();
    $sql = Order::$BASE_SQL . "WHERE order_number = $id";
    $query = mysql_query($sql) or die("Error: $sql<p>" . mysql_error());
    if (mysql_num_rows($query) > 0) { 
      $o->billingAddress = new Address();
      $o->shippingAddress = new Address();
      list($o->orderNumber,$o->orderTotal,$o->fulfillmentState,$o->financialState,$o->buyerId,$o->shippingAddress->contactName,$o->shippingAddress->email,$o->shippingAddress->phone,$o->shippingAddress->fax,$o->shippingAddress->address1,$o->shippingAddress->address2,$o->shippingAddress->city,$o->shippingAddress->region,$o->shippingAddress->postalCode,$o->shippingAddress->country,$o->billingAddress->contactName,$o->billingAddress->email,$o->billingAddress->phone,$o->billingAddress->fax,$o->billingAddress->address1,$o->billingAddress->address2,$o->billingAddress->city,$o->billingAddress->region,$o->billingAddress->postalCode,$o->billingAddress->country,$o->createdDate) = mysql_fetch_row($query);
    } else {
      return;
    }
    return $o;
  }

  public function insert() {
    $sql = sprintf("
          INSERT INTO ".MYSQL_DB.".orders (
                       order_number,
                       order_total,
                       fulfillment_state,
                       financial_state,
                       buyer_id,
                       shipping_contact_name,
                       shipping_email,
                       shipping_phone,
                       shipping_fax,
                       shipping_address1,
                       shipping_address2,
                       shipping_city,
                       shipping_region,
                       shipping_zip,
                       shipping_country,
                       billing_contact_name,
                       billing_email,
                       billing_phone,
                       billing_fax,
                       billing_address1,
                       billing_address2,
                       billing_city,
                       billing_region,
                       billing_zip,
                       billing_country,
                       created_date
	       ) VALUES ('%s',%f,'%s','%s',%d,'%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s',NOW())",
		   mysql_escape_string($this->orderNumber),
		   $this->orderTotal,
		   mysql_escape_string($this->fulfillmentState),
		   mysql_escape_string($this->financialState),
		   $this->buyerId,
		   mysql_escape_string($this->shippingAddress->contactName),
		   mysql_escape_string($this->shippingAddress->email),
		   mysql_escape_string($this->shippingAddress->phone),
		   mysql_escape_string($this->shippingAddress->fax),
		   mysql_escape_string($this->shippingAddress->address1),
		   mysql_escape_string($this->shippingAddress->address2),
		   mysql_escape_string($this->shippingAddress->city),
		   mysql_escape_string($this->shippingAddress->region),
		   mysql_escape_string($this->shippingAddress->postalCode),
		   mysql_escape_string($this->shippingAddress->countryCode),
		   mysql_escape_string($this->billingAddress->contactName),
		   mysql_escape_string($this->billingAddress->email),
		   mysql_escape_string($this->billingAddress->phone),
		   mysql_escape_string($this->billingAddress->fax),
		   mysql_escape_string($this->billingAddress->address1),
		   mysql_escape_string($this->billingAddress->address2),
		   mysql_escape_string($this->billingAddress->city),
		   mysql_escape_string($this->billingAddress->region),
		   mysql_escape_string($this->billingAddress->postalCode),
		   mysql_escape_string($this->billingAddress->countryCode)
		   );
    $query = mysql_query($sql) or die("Error: $sql -- " . mysql_error());
  }

}
?>